Download
| Alert*
oval:org.secpod.oval:def:701343
haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:601059 Multiple security issues have been found in HAProxy, a load-balancing reverse proxy: CVE-2012-2942 Buffer overflow in the header capture code. CVE-2013-1912 Buffer overflow in the HTTP keepalive code. CVE-2013-2175 Denial of service in parsing HTTP headers. oval:org.secpod.oval:def:202933 HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy"s configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances ... oval:org.secpod.oval:def:1600317 HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable. |